Lucene search
+L

481 matches found

CVE
CVE
added 2025/08/11 2:55 a.m.37 views

CVE-2025-24844

The CVE-2025-24844 entry involves OpenHarmony, affected in v5.0.3 and earlier. The root cause is a missing release of memory, leading to a local denial-of-service condition (availability impact), as described by multiple sources. Exploitation is local with low attack complexity and low privileges...

5.5CVSS7AI score0.00118EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/08/11 2:55 a.m.10 views

CVE-2025-24298 liteos_a has an UAF vulnerability

in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through use after free...

8.4CVSS0.00145EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/11 2:36 a.m.4 views

CVE-2025-27577 liteos_a has a race condition vulnerability

in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through race condition...

8.4CVSS7.8AI score0.00103EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/08/11 12:0 a.m.7 views

OpenHarmony 资源管理错误漏洞

OpenHarmony is a kind of Hongmeng operating system open source project of China OpenAtom OpenAtom Foundation. A resource management error vulnerability exists in OpenHarmony v5.0.3 and earlier versions, which originates from post-release reuse in tcb and could lead to the execution of arbitrary...

8.4CVSS6.9AI score0.00145EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/08/06 12:0 a.m.4 views

Huawei HarmonyOS和Huawei EMUI 安全漏洞

Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scene distributed operating system based on a microkernel.Huawei EMUI is an emotional operating system developed by Huawei based on Android Android. Huawei HarmonyOS and EMUI suffer from an insufficient...

5.1CVSS6.6AI score0.00099EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/08/06 12:0 a.m.6 views

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. An out-of-bounds write vulnerability exists in the Huawei HarmonyOS skia module, which can be exploited by an attacker to compromise confidentiality...

8.8CVSS7AI score0.00205EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/06/13 7:21 a.m.8 views

CVE-2024-35295

A vulnerability has been identified in Perfect Harmony GH180 All versions = V8.0 V8.3.3 with NXGPro+ controller manufactured between April 2020 to April 2025. The maintenance connection of affected devices fails to protect access to the device's control unit configuration. This could allow an...

6.1CVSS6.1AI score0.00185EPSS
Exploits0References1
NVD
NVD
added 2025/06/11 7:15 a.m.8 views

CVE-2024-35295

A vulnerability has been identified in Perfect Harmony GH180 All versions = V8.0 V8.3.3 with NXGPro+ controller manufactured between April 2020 to April 2025. The maintenance connection of affected devices fails to protect access to the device's control unit configuration. This could allow an...

6.1CVSS0.00185EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/06/11 6:55 a.m.5 views

CVE-2024-35295

A vulnerability has been identified in Perfect Harmony GH180 All versions = V8.0 V8.3.3 with NXGPro+ controller manufactured between April 2020 to April 2025. The maintenance connection of affected devices fails to protect access to the device's control unit configuration. This could allow an...

6.1CVSS6.9AI score0.00185EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/06/11 6:55 a.m.23 views

CVE-2024-35295

A vulnerability has been identified in Perfect Harmony GH180 All versions = V8.0 V8.3.3 with NXGPro+ controller manufactured between April 2020 to April 2025. The maintenance connection of affected devices fails to protect access to the device's control unit configuration. This could allow an...

6.1CVSS0.00185EPSS
Exploits0References2
CVE
CVE
added 2025/06/11 6:55 a.m.50 views

CVE-2024-35295

CVE-2024-35295 affects Perfect Harmony GH180 versions V8.0–V8.3.3 with the NXGPro+ controller (manufactured 2020–2025). The maintenance connection fails to protect access to the device configuration, enabling a physically proximate attacker with access to the maintenance port to perform arbitrary...

6.1CVSS6.1AI score0.00185EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/06/11 12:0 a.m.7 views

PT-2025-25183 · Unknown · Perfect Harmony Gh180

Name of the Vulnerable Software and Affected Versions: Perfect Harmony GH180 versions V8.0 through V8.3.3 Description: A security issue has been identified where the maintenance connection of affected devices does not protect access to the device's control unit configuration. This could allow an...

6.1CVSS6.5AI score0.00185EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/06/11 12:0 a.m.4 views

Siemens SINAMICS PERFECT HARMONY GH180 访问控制错误漏洞

The Siemens SINAMICS PERFECT HARMONY GH180 is a high-voltage AC inverter from Siemens Germany. An access control error vulnerability exists in the Siemens SINAMICS PERFECT HARMONY GH180 versions prior to V8.0 through V8.3.3, which stems from improper access control of the maintenance connection a...

6.1CVSS6.8AI score0.00185EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 7:46 a.m.8 views

CVE-2024-24912

A local privilege escalation vulnerability has been identified in Harmony Endpoint Security Client for Windows versions E88.10 and below. To exploit this vulnerability, an attacker must first obtain the ability to execute local privileged code on the target system...

6.7CVSS7.4AI score0.0016EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:41 a.m.19 views

CVE-2024-55956

In Cleo Harmony before 5.8.0.24, VLTrader before 5.8.0.24, and LexiCom before 5.8.0.24, an unauthenticated user can import and execute arbitrary Bash or PowerShell commands on the host system by leveraging the default settings of the Autorun directory...

9.8CVSS10AI score0.93804EPSS
Exploits4References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:35 a.m.12 views

CVE-2024-50623

In Cleo Harmony before 5.8.0.21, VLTrader before 5.8.0.21, and LexiCom before 5.8.0.21, there is an unrestricted file upload and download that could lead to remote code execution...

9.8CVSS9.8AI score0.98529EPSS
Exploits6References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:19 a.m.7 views

CVE-2023-28134

Local attacker can escalate privileges on affected installations of Check Point Harmony Endpoint/ZoneAlarm Extreme Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability...

7.8CVSS7.4AI score0.00239EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:47 p.m.10 views

CVE-2021-22704

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists in Harmony/HMI Products Configured by Vijeo Designer all versions prior to V6.2 SP11 , Vijeo Designer Basic all versions prior to V1.2, or EcoStruxure Machine Expert all versions prior to V2.0 that could...

9.1CVSS6.5AI score0.01282EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:39 p.m.11 views

CVE-2021-30359

The Harmony Browse and the SandBlast Agent for Browsers installers must have admin privileges to execute some steps during the installation. Because the MS Installer allows regular users to repair their installation, an attacker running an installer before 90.08.7405 can start the installation...

7.8CVSS7.1AI score0.0393EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:42 p.m.9 views

CVE-2021-37063

There is a Cryptographic Issues vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to read and delete images of Harmony devices...

9.8CVSS6.8AI score0.00741EPSS
Exploits0References1
Rows per page
Query Builder